What Is Ransomware?
Ransomware is a subtype of virus that, once downloaded, hijacks the victim’s files until a ransom is paid. Often, ransomware will lock a victim’s computer or steal their data, and won’t release the data until the victim pays the ransom.
The first known ransomware attack was in 1989, and attacks have only become more sophisticated since. The two most prevalent types of ransomware are encrypting ransomware, which encrypts the victim’s files and demands a ransom for the key that can unlock the files, and locker ransomware, which simply prevents the victim from using their computer at all until the ransom is delivered.
How Does Ransomware Enter a System?
Because ransomware is a type of virus, it is spread both directly from attacker to victim, as well as from victim to victim. Most often, these attacks come through email, usually as an attachment.
An often harmless-looking email will be sent to the victim, and then the victim will download the attachment, which will run a program once downloaded that attacks. Once the virus is in the system, it can spread to other users, which is why office environments can be so dangerous.
How Can You Prevent a Ransomware Attack?
Though ransomware can seem scary, there are a few simple tips that can keep you safe from the majority of threats.
- Backup your computer regularly
The best ransomware protection is a reliable backup of your systems. If your files are updated regularly to an external source (ideally one that is not connected to the Internet), you will have no reason to fear ransomware attacks. In the case that you were to lose access to your systems, you would simply be able to erase your hard drive and restore from the most recent backup. - Install virus protection software
In general, it is a good idea to have virus protection software for any type of attack that may be launched against your systems. Make sure to only download anti-virus programs from reputable sources, such as Kaspersky Lab, Bitdefender, Norton, McAfee, and Webroot. - Be wary of any email asking you for information
The majority of ransomware attacks come through email. Do not respond to emails that ask you for personal information, such as your password, social security number, or date of birth. Your bank or credit card company will never ask you for sensitive information over email. If you have any doubts as to whether an email is legitimate, err on the side of caution – call the company to confirm (making sure you’re using the official phone number listed on the company’s website, not what’s listed in the suspicious email). - Block any email attachments that would run a program
Before you download an attachment, make sure the sender is someone you recognize, and don’t download attachments that will run a program, such as files that end in .exe or .js. - Do not engage with popups
Though not as common as email, pop-ups are another way that ransomware can infect a computer. Avoid clicking any links inside of them – simply close them out when they appear. - Keep your systems up to date
Not all software updates carry new features – the majority are security patches that will keep you safe. Don’t delay updates just because they’re inconvenient. Set your systems to automatically check for updates, and download them once they become available. - Educate your employees about the dangers of ransomware, and how to maintain smart computer practices
Offices are especially vulnerable to ransomware, as there are so many individuals sending emails back and forth on a daily basis. Make sure your employees understand what ransomware is, how it’s spread, and how to prevent an attack. If you have a BYOD (bring your own device) policy, ensure that employees are installing anti-virus software on their personal devices, as well as updating their software regularly.
What Should You Do If You Are Under Attack?
In the event that you find your company the victim of a ransomware attack, you have several options.
In the vast majority of cases, it is advisable that you do not pay the ransom, as this only encourages attackers, and you have no real guarantee that your systems will be unlocked and your data safe once the ransom is paid.
If possible, take a snapshot of your system, and then shut down to prevent the spread of the ransomware and damage to your data. If this isn’t possible, you should at the very least disconnect from the Internet.
Next, try to determine how the attack came into your system. Look through any emails carrying attachments, and make sure the infected files don’t continue to spread. You may also want to notify authorities of the situation. Often, there won’t be much that they’ll be able to do, but reporting the crime helps authorities keep track of who is being affected by various attacks, and helps them allocate the proper resources to preventing these attacks. Finally, seek help from data recovery specialists to see what can be done. Don’t lose hope – even if you are unable to recover your files in the moment, it may be possible that down the road, you will be able to.
Protect Your Business
Don’t wait until it’s too late to protect your business. Ransomware attacks can strike anyone, even those who feel they are tech-savvy and can spot malicious attempts. At Customer 1st Communications, we help businesses secure their systems in the metro Atlanta area, providing services in everything from cloud integration and cabling solutions to network security and cloud disaster recovery. To schedule a consultation, contact us online or give us a call at 855-TECH-C1C (855-832-4212).
